Authentication Bypass Vulnerability in n8n by n8n.io
CVE-2026-56350
6MEDIUM
What is CVE-2026-56350?
The vulnerability in n8n before version 2.8.0 enables authenticated Single Sign-On (SSO) users to disable SSO enforcement via the API. This exploit allows attackers to circumvent established organizational security protocols, including multi-factor authentication mandated by the identity provider, by creating local password credentials. As a result, it poses a risk of unauthorized access and could lead to significant security breaches.
Affected Version(s)
n8n 0 < 2.8.0
n8n 2.8.0
